Posted in: All Posts, MEMCM/SCCM

Microsoft Edge ADR in MEMCM

Yo! This post is going to focus on the configuration and deployment of an ADR (Automatic Deployment Rule) in MEMCM for Microsoft Edge. Why set up an ADR for Edge when you can allow MSFT to auto-update? I don’t know about you, but I’ve seen Microsoft auto-updates turn an enterprise on its head before. One great change in the developers eyes can take down any number of enterprise applications in a heartbeat. I like to keep granular control on that process so, with testing and validation, we can be assured that the latest, greatest patch isn’t going to hose day to day operations in the enterprise. There’s always those users, too, that insist on the latest, greatest everything. Too bad. I’m the asshole sysadmin that actually likes to keep functionality over form. And don’t get me started on how much I love BOFH.*** </end diatribe>

So, let’s get into the actual meat of creating an ADR. If you aren’t familiar, this guide will walk you through the basic understanding of what it takes to create and deploy said ADR. If you are? Read on anyway. I like views on my blog. Sue me. Under Software Library, expand Software Updates and right-click on Automatic Deployment Rules.

Give a logical, descriptive name to your rule. Skipping the templates (for now), specify the collection for the deployment. It’s extremely important to target a well thought out test bed for these deployments because, as I said earlier, you don’t want to take down an enterprise application. And no, production isn’t your test group. Workstations | All would be a bad idea for this.

I always select “Use Wake-on-LAN” on this page, as I have it configured in my environment. If you don’t or you simply don’t care, leave it be. YMMV. I also select, Automatically deploy all software updates and approve license agreements. Who puts license agreements in updates anyway?

Now this is where the ADR creation can get kind of tricky. It would be a good idea to follow the below suggestions as a starting point. You’re welcome to adjust the released/revised date to suit your organizational needs. But leave Product and Update Classification as they are. Or don’t. Your call. 🙂

I generally like to run my ADR’s the Friday following Patch Tuesday to allow any updates to be pulled back in case of “oopsie” from MSFT. Again, your organizational requirements may be different. Feel free to play with this one.

For the purposes of testing and validation, I generally set the software available time and installation deadline to as soon as possible. I want to know if anything is going to break as soon as possible so I can work on pulling back the update as quickly as I can. And, as I work in 2 timezones presently, I use client local time. I hate doing UTC calculations in my head. Somehow, I always manage to screw it up.

I’m a big fan of software updates happening behind the scenes to mitigate calls to the service desk because something unfamiliar popped up. So I hide in Software Center and all notifications. I also try to suppress reboots and wait for my weekly, scheduled reboot to occur.

Alerts aren’t all that important to me with test groups, so I leave this alone. If you’re big on generating alerts in the console, do so here.

This being the first time I’m creating this ADR, I’m going to create a new software deployment package called Microsoft Edge and place it in a relatively easy location to remember.

I also like my clients to get the updates no matter what, so I allow them to go to neighbouring Distribution Points or even out to Microsoft. I like compliance.

Congration! A winner is you! That’s it. You’ve created you Microsoft Edge ADR and are one click away from completing the process.

A Winner Is You | Know Your Meme

And that’s about it. Your ADR rule should run at the time you scheduled and automagically deploy to the TEST group you selected in this wizard. It’s a fairly straghtforward process that can be replicated for any number of products that WSUS supports. Thanks for reading!

*** For those not in the know, BOFH (Bastard Operator From Hell) is an old webseries that was written LONG ago. It provides creative inspiration, er, a healthy outlet when your users are getting on your nerves.

Bastard Operator From Hell web archive

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.